1. Technical Field
The present invention relates to the field of data security. Particularly, the present invention relates to a system and method for providing conditional and secured access to confidential information transmitted over a public communication network. More particularly, the present invention relates to a system and method for securing the files transmitted as email attachments over a public communication network.
2. Description of Related Art
Nowadays, there exists a perennial need for having a secured public communication channel that does not compromise the security associated with sensitive information. While access to public communication channels such as the internet is increasing every day through a myriad of devices, their use for communication beyond secure enterprise networks, through popular internet applications, has become commonplace. Public communication channels such as the internet, being more accessible, are also more vulnerable to theft of information.
Email is one of the oldest and most popular methods of exchanging information over the internet and has become more accessible these days through a multitude of devices that can connect to the internet. While this makes transmission and access to information easier, it also makes confidential or sensitive information more vulnerable. The fact that emails reach a recipient's inbox by hopping over multiple message servers and can be accessed from multiple devices heightens the risk of sensitive information being compromised, either in transit or when devices are in the wrong hands due to accidental loss or intentional theft.
Though there are existing protocols and systems for protection of emails during transit such as SSL/TLS, they are not enough to ensure that emails and sensitive information sent via email are accessed only by the intended recipients. There are some methods already in use such as Information Rights Management (IRM) that try to prevent unauthorized access to information. However, existing IRM based systems work well within an intranet such as an enterprise network, and do not possess the scalability and extensibility necessary for deployment across a vast public communication network. One of the major drawbacks associated with IRM based systems is that the implementation of an IRM based system is restricted to private networks, intranet and enterprise networks. Another drawback of existing IRM based systems is that the information corresponding to file access policies is bundled with the information that the IRM based system intends to protect. Therefore, once a file is hacked, changing the usage access policies may not provide serious challenges for a proficient hacker. Moreover, existing IRM based systems provide fixed file access policies applicable typically to a group of well-known internal recipients, and these policies cannot be altered as per the requirements at a later point of time after the content is out of the protective IRM system.
An alternative to IRM systems that tries to cover this gap is the use of cryptographic systems such as PGP (Pretty Good Privacy), which make use of encryption keys. However, selecting and distributing multiple encryption keys amongst multiple intended recipients is one of the vexing issues associated with these systems. Moreover, if one encryption key is commonly used for encrypting the document(s) transmitted to multiple recipients, in the event that the encryption key is revealed to unauthorized user(s), the security of all the documents using the encryption key would be compromised. Another drawback associated with the existing cryptographic systems is that they are complex and cumbersome in terms of management.
Moreover, an email and its parts (including the attachments) are difficult to protect and secure, subsequent to them reaching a recipient. The fact that email is ubiquitous and accessible from a multitude of electronic devices makes the sensitive information transmitted via email more vulnerable, in the event that the security of a device having access to sensitive emails is compromised. Further, there exists no other system/method that enables an email sender to secure/protect the parts of the email, and enables the sender to manage the access rights corresponding to an email after the email has been transmitted to an intended recipient.
Therefore, there was felt a need for a system and method that overcame the aforementioned drawbacks. Moreover, there was also felt a need for an uncomplicated and easy to manage system and method that provides for the files transmitted along with emails as attachments, over a public communication network, to be protected, made accessible to only the authorized user, and controllable or manageable even at a later point of time.